This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos Upgrade from 5.5.0 to 5.5.2

Hi,

I have recently upgraded from the Sophos Enterprise Console 5.5.0 to 5.5.2 and I got an error Unable to install Sophos Credential Store Service and failed to upgrade to 5.5.2.

The SEC 5.5.0 is still there. The Under Programs and Features I find the Sophos Management Console and Sophos Management Server are still with version 5.5.0.

Could you please let me know how to fix this error and what I will do next to complete an upgrade to 5.5.2

Your assistance on this request would be extremely appreciated.

Thank you.

Kind regards,

T Doan

 



This thread was automatically locked due to age.
Parents
  • The most common reason I've heard of this happening here is due to the "Logon as a service" rights being defined within your local or domain security policy.  The Credential Store creates a new service account and attempts to start the service using that account as part of the installation process.  If the local or domain security policy does not include "NT SERVICES\ALL SERVICES", the Credential Store service may fail to start.

  • Hi MEric,

     

    Thank you for your response.

    As I couldn't install the Credential Store service while upgrading and it terminated/stopped straight away from there. Please let me know how to fix this and what I can do next to complete an upgrade.

    Thank you and look forward to your response.

     

    Kind regards,

    Accounts Payable1

     

  • Does NT SERVICE/ALL SERVICES exist if you run the following in an administrative command prompt?  What you are looking for in the report is under Settings > Policies > Windows Settings > Security Settings > Local Policies User Rights Assignment > Log on as a service.
    gpresult /h C:\Windows\Temp\report.htm
    C:\Windows\Temp\report.htm

    If this setting has been specified and NT SERVICE\ALL SERVICES is not listed, you will need to add it in.  Open up Group Policy Management on your DC and modify the group policy applied to your SEC server. Navigate to Computer Configuration > Policies > Windows Settings > Security Settings > Local Policies > User Rights Assignment > Log on as a service.  When adding the user, type in NT SERVICE/ALL SERVICES and click "OK", not Browse.  Save this policy.

    After saving, force the SEC server to retrieve this new policy by running gpupdate /force.  Verify that NT SERVICE/ALL SERVICES now exists under the report by running the gpresult command mentioned at the start.  If so attempt to run the installer again.

Reply
  • Does NT SERVICE/ALL SERVICES exist if you run the following in an administrative command prompt?  What you are looking for in the report is under Settings > Policies > Windows Settings > Security Settings > Local Policies User Rights Assignment > Log on as a service.
    gpresult /h C:\Windows\Temp\report.htm
    C:\Windows\Temp\report.htm

    If this setting has been specified and NT SERVICE\ALL SERVICES is not listed, you will need to add it in.  Open up Group Policy Management on your DC and modify the group policy applied to your SEC server. Navigate to Computer Configuration > Policies > Windows Settings > Security Settings > Local Policies > User Rights Assignment > Log on as a service.  When adding the user, type in NT SERVICE/ALL SERVICES and click "OK", not Browse.  Save this policy.

    After saving, force the SEC server to retrieve this new policy by running gpupdate /force.  Verify that NT SERVICE/ALL SERVICES now exists under the report by running the gpresult command mentioned at the start.  If so attempt to run the installer again.

Children
  • Hii MEric,

     

    Thank you for your response.

    Yes I will follow your instructions to add  NT SERVICES\ALL SERVICES to Group Policy Management. I would like to ask you I can run setup.exe file from the sec_552 install folder to continue upgrading to 5.5.2 (As I see Sophos Management Database version 5.5.2 has been installed the under Programs and Features) or I have to run sec_552_sfx.exe to start from the beginning to complete an upgrade 5.5.2

    Please advise...

    Thank you.

     

    Kind regards,

    T Doan

     

     

  • Hello T Doan,

    I can run setup.exe file from the sec_552 install folder
    yes, for subsequent attempts this is the right choice. the sfx does nothing more than extracting the archive to sec_552 and calling setup.exe.

    Sophos Management Database version 5.5.2 has been installed
    you'll run into the problem described in Installer has detected different versions of the components installed. This would be Scenario 1 in the article. Uninstall the Database component, re-run the Installer, it will offer to upgrade the other components (the Database will be greyed out). Do not forget to reinstall the Database component with the CREATE_DATABASES=0 argument even though there will be no future upgrades - if for whatever reason you re-run the Installer again it would otherwise let you (or someone else) tick the Database component, attempt to install it but fail. Might cause confusion.

    Christian

  • Hi Christian,

     

    Thank you for the update.

    I will do as what you mentioned and let you know the result after upgrading.

     

    Kind regards,

    T Doan

     

     

  • Hi Christian,

    I did as what you mentioned.

    1)   I uninstalled Sophos Management Database version 5.5.2 under Programs and Features

    2)   I ran setup.exe from C:\sec_552\ServerInstaller\ folder

    Unfortunately, I got another error "The Installer detected the following errors that must be corrected before installation". "The server cannot be upgraded. The current credentials do not permit access to the SOPHOS552 database."

    I still see all database of version 5.5.2 in C:\Program Files\Microsoft SQL Server\...\MSSQL\DATA folder. Although I uninstalled Sophos Management Database version 5.5.2

    Do you think I need to install Sophos Management Database version 5.5.2 before running setup.exe ?

    Could you please tell me what I can do next to fix this and complete an upgrade?

    Thank you and look forward to your response.

     

    Kind regards,

    T Doan

     

     

     

  • Hello T Doan,

    I still see all database of version 5.5.2
    this is expected, uninstalling the Database Component does not drop the associated databases.
    [Do] I need to install Sophos Management Database version 5.5.2?
    you had to uninstall it because otherwise setup.exe will complain that the components have different versions.

    I got another error
    Could you post the associated Sophos_bootstrapper log?

    Christian

  • Hi Christian,

    As you see the errors highlighted below. Please advise...

    Thank you.

    Kind regards

    T Doan

    //===============================================================================================

    Started Setup.exe, located at: C:\sec_552\ServerInstaller
    30/06/2020 11:00:52 AM, INFO : Verifying files in folder
    30/06/2020 11:00:52 AM, INFO : Target folder verification completed successfully
    30/06/2020 11:00:52 AM, INFO : Initialized COM in the main thread
    30/06/2020 11:00:52 AM, INFO : Initialized COM security in the main thread
    30/06/2020 11:00:52 AM, INFO : The Winsock 2.2 dll was found okay.
    30/06/2020 11:00:52 AM, INFO : --------System Information------------
    30/06/2020 11:00:52 AM, INFO : Computer Name: PCSERVER
    30/06/2020 11:00:52 AM, INFO : Operating System: Microsoft Windows Server 2012 R2 Standard|C:\Windows|\Device\Harddisk0\Partition4
    30/06/2020 11:00:52 AM, INFO : Service Pack: 0
    30/06/2020 11:00:52 AM, INFO : System Type: 64 bit Operating System
    30/06/2020 11:00:52 AM, INFO : Locale: en
    30/06/2020 11:00:52 AM, INFO : Logged-on User: PCDomain\admin
    30/06/2020 11:00:52 AM, INFO : Domain: PCDomain
    30/06/2020 11:00:52 AM, INFO : Command line args:
    30/06/2020 11:00:52 AM, INFO : C:\sec_552\ServerInstaller\Setup.exe
    30/06/2020 11:00:52 AM, INFO : --------------------------------------
    30/06/2020 11:00:52 AM, INFO : Checking SQLNCLI version...
    30/06/2020 11:00:52 AM, INFO : Found same or newer SQLNCLI version (11.4.7001.0) in the 32 bit registry than the packed version (11.4.7001.0)
    30/06/2020 11:00:52 AM, INFO : Detected MSI version: 5.0.9600
    30/06/2020 11:00:52 AM, INFO : Activate state: Idle
    30/06/2020 11:00:52 AM, INFO : Obtaining SQL instances on local machine...
    30/06/2020 11:00:52 AM, INFO : Computer is joined to domain: PCDomain
    30/06/2020 11:00:52 AM, INFO : Found installed component: {FC2876E5-3698-4534-A126-52792C4F0350} version: 5.5.0
    30/06/2020 11:00:52 AM, INFO : Found MSI: \Console64.msi version: 5.5.2
    30/06/2020 11:00:53 AM, INFO : Found installed component: {9BCC5C9E-94B6-40CA-A025-2A33C78256C6} version: 5.5.0
    30/06/2020 11:00:53 AM, INFO : Found MSI: \Server64.msi version: 5.5.2
    30/06/2020 11:00:53 AM, INFO : Found MSI: \Database64.msi version: 5.5.2
    30/06/2020 11:00:53 AM, INFO : Found installed component: {2C7A82DB-69BC-4198-AC26-BB862F1BE4D0} version: 1.7.1.19
    30/06/2020 11:00:53 AM, INFO : Found MSI: SUM.msi version: 1.6.2.186
    30/06/2020 11:00:53 AM, INFO : SEC Console detected.
    30/06/2020 11:00:53 AM, INFO : SEC Server detected.
    30/06/2020 11:00:53 AM, INFO : SUM detected.
    30/06/2020 11:00:53 AM, INFO : Upgrade 5.x workflow
    30/06/2020 11:00:53 AM, INFO : Installation value ID '12': INSTALLDIR="C:\Program Files\Sophos" INSTALLDIR32="C:\Program Files (x86)\Sophos" SUM_INSTALLDIR="C:\Program Files (x86)\Sophos\Update Manager"
    30/06/2020 11:00:53 AM, INFO : Installation value ID '19': UPGRADE="1"
    30/06/2020 11:00:53 AM, INFO : Installation value ID '6': SERVER_COMPUTERNAME="PCSERVER"
    30/06/2020 11:00:53 AM, INFO : Installation value ID '5': SERVER_PORT="80"
    30/06/2020 11:00:53 AM, ERROR : No Sophos Credential Store Service found: 80040154
    30/06/2020 11:00:53 AM, INFO : Installation value ID '1': SERVER_USERNAME="SophosManagement"
    30/06/2020 11:00:53 AM, INFO : Installation value ID '2': SERVER_USERNAMEDOMAIN="PCDomain"
    30/06/2020 11:00:53 AM, ERROR : No Sophos Credential Store Service found: 80040154
    30/06/2020 11:00:53 AM, INFO : Installation value ID '4': SERVER_USERNAMEPASSWORD="******"
    30/06/2020 11:00:53 AM, INFO : upn found: SophosManagement@PCDomain.local
    30/06/2020 11:00:53 AM, INFO : Installation value ID '3': SERVER_UPN="SophosManagement@PCDomain.local"
    30/06/2020 11:00:53 AM, INFO : Database account known. Database page will not be displayed
    30/06/2020 11:00:53 AM, INFO : DB instance from registry: "(local)\SOPHOS"
    30/06/2020 11:00:53 AM, INFO : Installation value ID '0': DATABASE_SERVERNAME="(local)\SOPHOS"
    30/06/2020 11:00:53 AM, INFO : Non-encryption ready connection string built from registry for 'SOPHOS552': Data Source=(local)\SOPHOS;Initial Catalog=SOPHOS550;Integrated Security=SSPI;Provider=SQLOLEDB;
    30/06/2020 11:00:53 AM, INFO : Sanitizing and updating non-encryption ready connection string for 'SOPHOS552'...
    30/06/2020 11:00:53 AM, INFO : Installation value ID '0': DATABASE_SERVERNAME="(local)\SOPHOS" DATABASE_CONNECTIONSTRING="Server=(local)\SOPHOS;Database=SOPHOS552;Trusted_Connection=Yes;Provider=SQLNCLI11;"
    30/06/2020 11:00:53 AM, INFO : There is no encryption ready connection string in the registry for 'SOPHOS552'
    30/06/2020 11:00:53 AM, INFO : Installation value ID '32': SECURITY_DATABASE_SERVERNAME="(local)\SOPHOS"
    30/06/2020 11:00:53 AM, INFO : Non-encryption ready connection string built from registry for 'SophosSecurity': Server=(local)\SOPHOS;Database=SophosSecurity;Trusted_Connection=Yes;Provider=SQLNCLI11;
    30/06/2020 11:00:53 AM, INFO : Sanitizing and updating non-encryption ready connection string for 'SophosSecurity'...
    30/06/2020 11:00:53 AM, INFO : Installation value ID '32': SECURITY_DATABASE_SERVERNAME="(local)\SOPHOS" SECURITY_DATABASE_CONNECTIONSTRING="Server=(local)\SOPHOS;Database=SophosSecurity;Trusted_Connection=Yes;"
    30/06/2020 11:00:53 AM, INFO : There is no encryption ready connection string in the registry for 'SophosSecurity'
    30/06/2020 11:00:53 AM, INFO : Installation value ID '33': PATCH_DATABASE_SERVERNAME="(local)\SOPHOS"
    30/06/2020 11:00:53 AM, INFO : Non-encryption ready connection string built from registry for 'SOPHOSPATCH52': Timeout=60;Server=(local)\SOPHOS;Database=SOPHOSPATCH52;Trusted_Connection=Yes;Provider=SQLNCLI11;
    30/06/2020 11:00:53 AM, INFO : Sanitizing and updating non-encryption ready connection string for 'SOPHOSPATCH52'...
    30/06/2020 11:00:53 AM, INFO : Installation value ID '33': PATCH_DATABASE_SERVERNAME="(local)\SOPHOS" PATCH_DATABASE_CONNECTIONSTRING="Timeout=60;Server=(local)\SOPHOS;Database=SOPHOSPATCH52;Trusted_Connection=Yes;"
    30/06/2020 11:00:53 AM, INFO : There is no encryption ready connection string in the registry for 'SOPHOSPATCH52'
    30/06/2020 11:00:53 AM, INFO : Installation value ID '7': SERVER_FEEDBACKENABLED="0"
    30/06/2020 11:00:53 AM, INFO : Installation value ID '8':
    30/06/2020 11:00:53 AM, INFO : Installation value ID '9':
    30/06/2020 11:00:53 AM, INFO : Installation value ID '20': DB_UPGRADE_VERSION="550"
    30/06/2020 11:00:53 AM, INFO : Checking for presence of database: SOPHOSENC52 on instance: ...
    30/06/2020 11:00:53 AM, INFO : Finished retrieving instances - Timeout
    30/06/2020 11:00:53 AM, INFO : Obtaining remote SQL instances on network...
    30/06/2020 11:00:54 AM, INFO : Finished retrieving instances - Timeout
    30/06/2020 11:01:08 AM, ERROR : COM error. Connection string: Application Name=SEC Bootstrapper;Database=master;Provider=SQLNCLI11;Server=;Trusted_Connection=Yes;DataTypeCompatibility=80; - Error: Unspecified error, Description: Named Pipes Provider: Could not open a connection to SQL Server [2].
    30/06/2020 11:01:08 AM, INFO : Checking for presence of database: SOPHOSENC51 on instance: ...
    30/06/2020 11:01:24 AM, ERROR : COM error. Connection string: Application Name=SEC Bootstrapper;Database=master;Provider=SQLNCLI11;Server=;Trusted_Connection=Yes;DataTypeCompatibility=80; - Error: Unspecified error, Description: Named Pipes Provider: Could not open a connection to SQL Server [2].
    30/06/2020 11:01:24 AM, INFO : Installation value ID '29': ENCDBVERSION="0"
    30/06/2020 11:01:24 AM, INFO : SupportedOS isFatal: 1
    30/06/2020 11:01:24 AM, INFO : Entered Welcome page.
    30/06/2020 11:01:28 AM, INFO : Running System Property Check: User must be an administrator on this computer...
    30/06/2020 11:01:28 AM, INFO : System Property Check: User must be an administrator on this computer - PASSED
    30/06/2020 11:01:28 AM, INFO : Running System Property Check: All SEC components installed must be the same version...
    30/06/2020 11:01:28 AM, INFO : Found installed component: {FC2876E5-3698-4534-A126-52792C4F0350} version: 5.5.0
    30/06/2020 11:01:28 AM, INFO : Found MSI: \Console64.msi version: 5.5.2
    30/06/2020 11:01:28 AM, INFO : Found installed component: {9BCC5C9E-94B6-40CA-A025-2A33C78256C6} version: 5.5.0
    30/06/2020 11:01:28 AM, INFO : Found MSI: \Server64.msi version: 5.5.2
    30/06/2020 11:01:28 AM, INFO : Found MSI: \Database64.msi version: 5.5.2
    30/06/2020 11:01:28 AM, INFO : Found installed component: {2C7A82DB-69BC-4198-AC26-BB862F1BE4D0} version: 1.7.1.19
    30/06/2020 11:01:28 AM, INFO : Found MSI: SUM.msi version: 1.6.2.186
    30/06/2020 11:01:28 AM, INFO : System Property Check: All SEC components installed must be the same version - PASSED
    30/06/2020 11:01:28 AM, INFO : Entered Eula page.
    30/06/2020 11:01:31 AM, INFO : Accepted Eula.
    30/06/2020 11:01:32 AM, INFO : Running System Property Check: Support operating system version and service pack must be installed...
    30/06/2020 11:01:33 AM, INFO : SupportedOS: Version: 6.3.9600 SP: 0.0 Architecture: 64-bit Edition: 18 Name: Microsoft Windows Server 2012 R2 Standard|C:\Windows|\Device\Harddisk0\Partition4 Type: 2 MajorVersion: 6 MinorVersion: 3 SPMajorVersion: 0 SPMinorVersion: 0
    BuildNumber: 9600 Caption: Microsoft Windows Server 2012 R2 Standard Name: Microsoft Windows Server 2012 R2 Standard|C:\Windows|\Device\Harddisk0\Partition4 OperatingSystemSKU: 7 OSArchitecture: 64-bit OSProductSuite: 272 OSType: 18 ProductType: 2 ServicePackMajorVersion: 0 ServicePackMinorVersion: 0 SuiteMask: 272 Version: 6.3.9600
    30/06/2020 11:01:33 AM, INFO : ConsoleInstall: 1 ConsoleOnly: 0 InstallMode: 8
    30/06/2020 11:01:33 AM, INFO : System Property Check: Support operating system version and service pack must be installed - PASSED
    30/06/2020 11:01:33 AM, INFO : Running System Property Check: Encryption must be not installed...
    30/06/2020 11:01:33 AM, INFO : System Property Check: Encryption must be not installed - PASSED
    30/06/2020 11:01:33 AM, INFO : Running System Property Check: System account must be able to impersonate other accounts...
    30/06/2020 11:01:33 AM, INFO : System Property Check: System account must be able to impersonate other accounts - PASSED
    30/06/2020 11:01:33 AM, INFO : Running System Property Check: Machine name should not exceed 15 characters...
    30/06/2020 11:01:33 AM, INFO : System Property Check: Machine name should not exceed 15 characters - PASSED
    30/06/2020 11:01:33 AM, INFO : Running System Property Check: Computer should have only one network adapter to ensure that RMS binds correctly...
    30/06/2020 11:01:33 AM, INFO : System Property Check: Computer should have only one network adapter to ensure that RMS binds correctly - PASSED
    30/06/2020 11:01:33 AM, INFO : Running System Property Check: Computer must be rebooted (Installer runonce key or SGN localCache detected) - Computer should be rebooted (warning if there are pending rename operations)...
    30/06/2020 11:01:33 AM, INFO : System Property Check: Computer must be rebooted (Installer runonce key or SGN localCache detected) - Computer should be rebooted (warning if there are pending rename operations) - PASSED
    30/06/2020 11:01:33 AM, INFO : Running System Property Check: Computer should have more than 4GB RAM...
    30/06/2020 11:01:33 AM, INFO : System Property Check: Computer should have more than 4GB RAM - PASSED
    30/06/2020 11:01:33 AM, INFO : Running System Property Check: SEC 1.x, 2.0 or 3.x must not be installed on this computer...
    30/06/2020 11:01:33 AM, INFO : Product is not installed on local system. Upgrade code: {AC0DE50E-751A-4081-8F5B-8DC7ACBBBD4A}
    30/06/2020 11:01:33 AM, INFO : SEC 2.x is not installed on local system. MsiQueryProductState return -1
    30/06/2020 11:01:33 AM, INFO : SEC 3.x is not installed on local system. MsiQueryProductState return -1
    30/06/2020 11:01:33 AM, INFO : System Property Check: SEC 1.x, 2.0 or 3.x must not be installed on this computer - PASSED
    30/06/2020 11:01:33 AM, INFO : Running System Property Check: Sophos Help Desk must not be installed on this computer...
    30/06/2020 11:01:33 AM, INFO : Product is not installed on local system. Upgrade code: {4ED6795A-1166-4277-B059-5189544286FE}
    30/06/2020 11:01:33 AM, INFO : System Property Check: Sophos Help Desk must not be installed on this computer - PASSED
    30/06/2020 11:01:33 AM, INFO : Running System Property Check: Sophos Control Center 2.x must not be installed on this computer...
    30/06/2020 11:01:33 AM, INFO : Product is not installed on local system. Upgrade code: {99D634CF-54AF-4FCD-8259-AF8BAA7E7FC5}
    30/06/2020 11:01:33 AM, INFO : System Property Check: Sophos Control Center 2.x must not be installed on this computer - PASSED
    30/06/2020 11:01:33 AM, INFO : Running System Property Check: Simple file sharing must be disabled...
    30/06/2020 11:01:33 AM, INFO : System Property Check: Simple file sharing must be disabled - PASSED
    30/06/2020 11:01:33 AM, INFO : Running System Property Check: Sophos EM Console must not be installed on this computer...
    30/06/2020 11:01:33 AM, INFO : Product is not installed on local system. Upgrade code: {32FF7557-4C84-4E2E-B917-EE09D8E59FDE}
    30/06/2020 11:01:33 AM, INFO : System Property Check: Sophos EM Console must not be installed on this computer - PASSED
    30/06/2020 11:01:33 AM, INFO : Running System Property Check: Sophos EM Library must not be installed on this computer...
    30/06/2020 11:01:33 AM, INFO : Product is not installed on local system. Upgrade code: {7A81AAEB-E07D-4E38-A36B-9B91FA0BA578}
    30/06/2020 11:01:33 AM, INFO : System Property Check: Sophos EM Library must not be installed on this computer - PASSED
    30/06/2020 11:01:33 AM, INFO : Running System Property Check: Sophos Enterprise Console must not be running...
    30/06/2020 11:01:33 AM, INFO : EnterpriseConsole.exe not found in the list of processes running
    30/06/2020 11:01:33 AM, INFO : System Property Check: Sophos Enterprise Console must not be running - PASSED
    30/06/2020 11:01:33 AM, INFO : Running System Property Check: Sophos Enterprise Manager must not be running...
    30/06/2020 11:01:33 AM, INFO : EnterpriseManager.exe not found in the list of processes running
    30/06/2020 11:01:33 AM, INFO : System Property Check: Sophos Enterprise Manager must not be running - PASSED
    30/06/2020 11:01:33 AM, INFO : Running System Property Check: Sophos Control Center must not be running...
    30/06/2020 11:01:33 AM, INFO : SbeConsole.exe not found in the list of processes running
    30/06/2020 11:01:33 AM, INFO : System Property Check: Sophos Control Center must not be running - PASSED
    30/06/2020 11:01:33 AM, INFO : Running System Property Check: This computer should have at least 8GB free disk space on the primary drive...
    30/06/2020 11:01:33 AM, INFO : Enough space: 821279.000000 Mb
    30/06/2020 11:01:33 AM, INFO : System Property Check: This computer should have at least 8GB free disk space on the primary drive - PASSED
    30/06/2020 11:01:33 AM, INFO : Running System Property Check: SEC should not be installed on a Domain Controller...
    30/06/2020 11:01:33 AM, INFO : The computer is a Domain Controller
    30/06/2020 11:01:33 AM, WARNING : System Property Check: SEC should not be installed on a Domain Controller - FAILED
    30/06/2020 11:01:33 AM, INFO : Running System Property Check: Logged on user must have rights to query the accounts used by the existing installation...
    30/06/2020 11:01:33 AM, INFO : System Property Check: Logged on user must have rights to query the accounts used by the existing installation - PASSED
    30/06/2020 11:01:33 AM, INFO : Running System Property Check: Checking database account for server upgrade...
    30/06/2020 11:01:33 AM, INFO : Checking for presence of database: SOPHOS552 on instance: (local)\SOPHOS...
    30/06/2020 11:01:33 AM, INFO : Database: SOPHOS552 exists on instance: (local)\SOPHOS.
    30/06/2020 11:01:33 AM, INFO : Validating whether credentials provided can access the selected sql instance...
    30/06/2020 11:01:33 AM, ERROR : Failed to create impersonation token for: PCDomain\SophosManagement. 6 - The handle is invalid.

    30/06/2020 11:01:33 AM, ERROR : Credentials cannot conenct to the remote database for the server upgrade
    30/06/2020 11:01:33 AM, ERROR : System Property Check: Checking database account for server upgrade - FAILED
    30/06/2020 11:01:33 AM, INFO : Running System Property Check: The logged on user must be able to connect to the domain controller in Active Directory...
    30/06/2020 11:01:33 AM, INFO : System Property Check: The logged on user must be able to connect to the domain controller in Active Directory - PASSED
    30/06/2020 11:01:33 AM, INFO : Running System Property Check: All subscriptions must be either recommended or previous tags...
    30/06/2020 11:01:33 AM, INFO : Connecting to existing Sophos database: Application Name=SEC Bootstrapper;Server=(local)\SOPHOS;Database=SOPHOS550;Trusted_Connection=Yes;Provider=SQLNCLI11;DataTypeCompatibility=80;
    30/06/2020 11:01:33 AM, INFO : Executing query...
    30/06/2020 11:01:33 AM, INFO : System Property Check: All subscriptions must be either recommended or previous tags - PASSED
    30/06/2020 11:01:33 AM, INFO : Running System Property Check: SUM subscription must be set to 'Recommended'...
    30/06/2020 11:01:33 AM, INFO : Connecting to existing Sophos database: Application Name=SEC Bootstrapper;Server=(local)\SOPHOS;Database=SOPHOS550;Trusted_Connection=Yes;Provider=SQLNCLI11;DataTypeCompatibility=80;
    30/06/2020 11:01:33 AM, INFO : Executing query...
    30/06/2020 11:01:33 AM, INFO : System Property Check: SUM subscription must be set to 'Recommended' - PASSED
    30/06/2020 11:01:33 AM, INFO : Running System Property Check: All subscriptions should have autosubscribe enabled...
    30/06/2020 11:01:33 AM, INFO : Connecting to existing Sophos database: Application Name=SEC Bootstrapper;Server=(local)\SOPHOS;Database=SOPHOS550;Trusted_Connection=Yes;Provider=SQLNCLI11;DataTypeCompatibility=80;
    30/06/2020 11:01:33 AM, INFO : Executing query...
    30/06/2020 11:01:33 AM, INFO : System Property Check: All subscriptions should have autosubscribe enabled - PASSED
    30/06/2020 11:01:33 AM, INFO : Running System Property Check: Endpoints with old RMS cannot handle SHA2 therefore they will not be able to communicate with management console...
    30/06/2020 11:01:33 AM, INFO : Checking MAC endpoints...
    30/06/2020 11:01:33 AM, INFO : Connecting to existing Sophos database: Application Name=SEC Bootstrapper;Server=(local)\SOPHOS;Database=SOPHOS550;Trusted_Connection=Yes;Provider=SQLNCLI11;DataTypeCompatibility=80;
    30/06/2020 11:01:33 AM, INFO : Executing query...
    30/06/2020 11:01:33 AM, INFO : Checking UNIX endpoints...
    30/06/2020 11:01:33 AM, INFO : Connecting to existing Sophos database: Application Name=SEC Bootstrapper;Server=(local)\SOPHOS;Database=SOPHOS550;Trusted_Connection=Yes;Provider=SQLNCLI11;DataTypeCompatibility=80;
    30/06/2020 11:01:33 AM, INFO : Executing query...
    30/06/2020 11:01:33 AM, INFO : Checking VSHIELD endpoints...
    30/06/2020 11:01:33 AM, INFO : Connecting to existing Sophos database: Application Name=SEC Bootstrapper;Server=(local)\SOPHOS;Database=SOPHOS550;Trusted_Connection=Yes;Provider=SQLNCLI11;DataTypeCompatibility=80;
    30/06/2020 11:01:33 AM, INFO : Executing query...
    30/06/2020 11:01:33 AM, INFO : Checking LINUX endpoints...
    30/06/2020 11:01:33 AM, INFO : Connecting to existing Sophos database: Application Name=SEC Bootstrapper;Server=(local)\SOPHOS;Database=SOPHOS550;Trusted_Connection=Yes;Provider=SQLNCLI11;DataTypeCompatibility=80;
    30/06/2020 11:01:33 AM, INFO : Executing query...
    30/06/2020 11:01:33 AM, INFO : System Property Check: Endpoints with old RMS cannot handle SHA2 therefore they will not be able to communicate with management console - PASSED
    30/06/2020 11:01:33 AM, INFO : Running System Property Check: Checking if PowerShell 3 or above is installed...
    30/06/2020 11:01:33 AM, INFO : Found PowerShell version: 4.0
    30/06/2020 11:01:33 AM, INFO : System Property Check: Checking if PowerShell 3 or above is installed - PASSED
    30/06/2020 11:01:33 AM, INFO : Running System Property Check: Connection string validity state...
    30/06/2020 11:01:33 AM, INFO : Validating connection string
    30/06/2020 11:01:33 AM, INFO : Get TLS conn str 2
    30/06/2020 11:01:33 AM, INFO : Get conn str 0
    30/06/2020 11:01:33 AM, INFO : Checking connection string 'Data Source=(local)\SOPHOS;Initial Catalog=SOPHOS550;Integrated Security=SSPI;Provider=SQLOLEDB;'
    30/06/2020 11:01:33 AM, INFO : Connected, query result: 6
    30/06/2020 11:01:33 AM, INFO : System Property Check: Connection string validity state - PASSED
    30/06/2020 11:01:33 AM, INFO : Running System Property Check: Check if connection string contains extra parameters...
    30/06/2020 11:01:33 AM, INFO : Checking connection string for extra parameter
    30/06/2020 11:01:33 AM, INFO : Get TLS conn str 2
    30/06/2020 11:01:33 AM, INFO : Get conn str 0
    30/06/2020 11:01:33 AM, INFO : Connection string has 4 params
    30/06/2020 11:01:33 AM, INFO : Cleaned connection string has 4 params
    30/06/2020 11:01:33 AM, INFO : System Property Check: Check if connection string contains extra parameters - PASSED
    30/06/2020 11:01:33 AM, INFO : Running System Property Check: CredStore state...
    30/06/2020 11:01:33 AM, INFO : SCPU group exists: 1
    CredStore installed: 0
    KeyCheck: 0
    30/06/2020 11:01:33 AM, INFO : Success
    30/06/2020 11:01:33 AM, INFO : System Property Check: CredStore state - PASSED
    30/06/2020 11:01:33 AM, INFO : Entered PreChecks page.
    30/06/2020 11:01:36 AM, INFO : Entered fatal errors page.
    30/06/2020 11:02:10 AM, INFO : Finished Bootstrapper
    30/06/2020 11:02:10 AM, INFO : Cleaned up socket.
    30/06/2020 11:02:10 AM, INFO : Uninitialized COM in main thread

    //===============================================================================================

  • Hello T Doan,

    only the last highlighted block is significant (the Credential Store Service is new with 5.5.2 thus it's ok it is not found; when the database "seems" to be remote - i.e. the Database Component is not installed - it browses for SQL instances, normally does not find one that responds, and consequently encounters the Could not open). 

    The Failed to create impersonation token is strange though, at least I could not yet come up with an explanation. Is SEC 5.5.0 still running? It uses the same credentials/account to access the same instance. So if the account works with SEC it should also do so with the Installer.

    Christian   

  • Hi Christian,

    There are some points that I really cannot understand.

    1)  The SEC version 5.5.0 is up and running.

    2)   The database is the same in PC that is installed SEC 5.5.0. It is not a remote database as the log mentioned.

    As you mentioned It uses the same credentials/account to access the same instance. So if the account works with SEC it should also do so with the Installer. 

    I agree with you this it should get the same instance because the SEC 5.5.0 is working well.

    I really do not know what I can do next to fix these issues. If you have any idea please advise...

    Thank you for your help. Much appreciated!!!

    Kind regards,

    T Doan

     

     

     

     

  • Hello T Doan,

    the database is considered a remote database when the Database Component is not installed, regardless of where it actually resides.

    Unfortunately I can't test this scenario (especially as the problem might be related to the server's role as DC). Thinking about it - no Database Component is installed at the moment. If you reinstall the 5.5.0 Database Component using the MSI from the \sec_550 folder as per the article (don't forget the CREATE_DATABASES=0). Afterwards check that all components are 5.5.0. You should then be able to to upgrade to 5.5.2.

    Christian

  • Hi Christian,

    Just to let you know the support team solved my problem as follows

    The SEC 5.5.2 has a new component Credential Store. I am not sure SEC 5.5. 1 has this component or not. Because I upgraded from SEC 5.5.0 to 5.5.2

    1)  You will need to check "NT SERVICE\ALL SERVICES" from the GPO that is applied to the server then to Local Policies> User Rights Assignment> Log on as a Service. If it does not exist

          then you need to add NT SERVICE\ALL SERVICES to the group policy. This will  avoid getting any error while upgrading.

    2)  If you got the following errors while upgrading.

         The server cannot be upgraded. The current credentials do not permit access to the SOPHOS552 database or The Enterprise Console components installed on this computer are not the           same version.... You need to do

         a)  Check if the SOPHOS552 database currently exists on the server by running the command in command prompt: sqlcmd -E -S .\SOPHOS -q "SELECT NAME FROM sys.databases"

         b)   When this is complete, check Add/Remove Programs and make sure there are currently no 5.5.2 components on the server, uninstall them if they exist.       

         c)  If  the Database Sophos552 exists then you go to the Administrator command prompt and enter the following commands to drop the database Sophos552

              sqlcmd -E -S .\Sophos

              DROP DATABASE Sophos552

              Go

              Quit

        d)  Run the command in administrative command prompt to install the 5.5.2 database component without creating databases (Change database_username and domain to the                          your DB user):

             msiexec /i"C:\sec_552\ServerInstaller\Database64.msi" DATABASE_SERVERNAME="(local)\SOPHOS" DATABASE_USERNAME="SophosManagement"         

             DATABASE_USERNAMEDOMAIN="NTDOMAIN" INSTALLDIR="C:\Program Files (x86)\Sophos" CREATE_DATABASES=0

        e)  Now you can run setup.exe from the C:\sec_552 folder. All is fine after upgrading. It worked for my case.

    I hope these would help someone who has the same problems as my case.

    Thank you.

    Kind regards,

    T Doan